> From: Baolu Lu <baolu.lu@xxxxxxxxxxxxxxx> > Sent: Saturday, August 26, 2023 4:04 PM > > On 8/25/23 4:17 PM, Tian, Kevin wrote: > >> +static void assert_no_pending_iopf(struct device *dev, ioasid_t pasid) > >> +{ > >> + struct iommu_fault_param *iopf_param = dev->iommu- > >>> fault_param; > >> + struct iopf_fault *iopf; > >> + > >> + if (!iopf_param) > >> + return; > >> + > >> + mutex_lock(&iopf_param->lock); > >> + list_for_each_entry(iopf, &iopf_param->partial, list) { > >> + if (WARN_ON(iopf->fault.prm.pasid == pasid)) > >> + break; > >> + } > > partial list is protected by dev_iommu lock. > > > > Ah, do you mind elaborating a bit more? In my mind, partial list is > protected by dev_iommu->fault_param->lock. > well, it's not how the code is currently written. iommu_queue_iopf() doesn't hold dev_iommu->fault_param->lock to update the partial list. while at it looks there is also a mislocking in iopf_queue_discard_partial() which only acquires queue->lock. So we have three places touching the partial list all with different locks: - iommu_queue_iopf() relies on dev_iommu->lock - iopf_queue_discard_partial() relies on queue->lock - this new assert function uses dev_iommu->fault_param->lock
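
Review bot: The walk over `iopf_param->partial` in assert_no_pending_iopf() takes only `iopf_param->lock`, which is not the lock the writers named in this thread hold (iommu_queue_iopf() under dev_iommu->lock, iopf_queue_discard_partial() under queue->lock), so the list can change underneath `list_for_each_entry()` and the WARN_ON result is not reliable. Pick a single lock for the partial list, take it in all three places, and consider a `lockdep_assert_held()` in the helpers that touch the list so the rule is enforced rather than implied. Separately, `dev->iommu` is dereferenced before the `!iopf_param` check; if this can be called for a device without dev->iommu set, that needs its own NULL check.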